Oathe Security Badge

Is Brawl345/browser-tools safe?

https://github.com/Brawl345/browser-tools

88
SAFE

This is a legitimate browser automation skill built with Playwright that provides comprehensive browser control capabilities including navigation, form interaction, data extraction, and network monitoring. While it has inherent access to sensitive browser data by design, the code is transparent, well-documented, and shows no evidence of malicious intent or hidden functionality.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 75/100 · 25%
Code Execution 85/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (3)

MEDIUM Browser data access capabilities -25

The skill has legitimate but broad access to browser data including cookies, localStorage, sessionStorage, network traffic, and can capture screenshots. The network monitoring script can log request/response bodies and headers which may contain sensitive information.

LOW Executable Python scripts -15

The skill contains multiple executable Python scripts for browser automation. While transparent and legitimate, they do execute code on the system.

LOW Potential for misuse -20

As a comprehensive browser automation tool, this skill could potentially be misused for unauthorized web scraping, automated attacks, or privacy violations, though no malicious intent is evident.